package com.lavegue.common;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * author: luoweibin
 * date:2011-12-19
 * description:
 *
 */
public class AuthFilter  extends HttpServlet implements Filter  {
	//没有权限跳转到的登录页面
	private String loginUrl = "";
	
	public void doFilter(ServletRequest sRequest, ServletResponse sResponse,
			FilterChain chain) throws IOException, ServletException {
		 HttpServletRequest request = (HttpServletRequest) sRequest;    
		 HttpServletResponse response = (HttpServletResponse) sResponse;    
		 HttpSession session = request.getSession();
		 //session中的用户对象不存在则让用户重新登录
		 if (session.getAttribute(Constants.SESSION_USER) == null && !request.getRequestURI().toLowerCase().contains("login")) {
			 response.sendRedirect(loginUrl);    
		 } else {
			 chain.doFilter(sRequest, sResponse);
		 }

	}

	public void init(FilterConfig config) throws ServletException {
		loginUrl = config.getInitParameter("loginUrl");
		System.out.println("获取初始化参数loginUrl:" + loginUrl);
	}

	
}

